Whitelisting Azure-to-Azure Site Recovery IP address Details (Outbound connectivity for URLs not supported cases)

Question

Am using NVA as CISCO NGFW for controlling all outbound traffic and wildcard based URL white-listing is not supported here. How do i allow specific IP address for enabling Azure-to-Azure Site recovery services. At the same time if my first question solved , can i enable Private Endpoint for all my storage accounts to my primary and secondary region. If i enable Private Endpoint in storage account in both region , will ASR replication will still seamlessly replicate and work?

Answer 1

While IP address based whitelisting was permitted earlier, we do not support it anymore and instead require our customers to use service tags to configure outbound connectivity. We have only moved away from IP address whitelisting. However, customers continue to have the choice to whitelist URLs. Please review our networking documentation here for complete details.

Checking on your second question, will post a response shortly

Answer 2

Reg: Private Endpoint: Site Recovery does not require to send any replication data to source storage or to target storage accounts. We only need the data to be sent from source machines to a cache storage account. Hence, one private endpoint can be created for it. It is supported and is called out in the documentation.

If an Answer is helpful, please “Accept Answer” or Up-Vote for the same which might be beneficial to other community members reading this thread.